lyrathorpe/nixfiles
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Feat/edaas renovate review timer #28

Merged
lyrathorpe merged 2 commits from feat/edaas-renovate-review-timer into main 2026-06-16 10:40:50 +01:00
Conversation 0 Commits 2 Files Changed 3
+176
lyrathorpe commented 2026-06-16 10:36:45 +01:00
Owner
Copy Link
Copy Source
No description provided.
lyrathorpe added 2 commits 2026-06-16 10:36:45 +01:00
feat(edaas): add daily headless Renovate PR review timer dc08522bab 
Add a systemd user timer on the EDaaS/WSL host that runs Claude Code
headless once a day (08:47) to review Renovate dependency PRs awaiting
Emma's review. It queries GitHub via the project-scoped github MCP
server, excludes PRs against archived repositories, grades each PR's
risk, and writes a recommendation-only summary to the journal
(journalctl --user -u renovate-review). It never approves or merges.

- lyrathorpe/home/renovate-review.nix: wrapper + service + timer.
  Auth is Vertex AI via the inherited project/region/model env; Claude
  Code provisions its own network egress, so no proxy is set. The
  prompt lives in a store file so its literal backticks/$ don't trip
  shellcheck in the wrapper.
- lyrathorpe/home/work.nix: import the module (host-scoped to EDaaS).
- system/machine/EDaaS/configuration.nix: enable user linger so the
  timer fires without an attached login session.
feat(edaas): auto-approve low-risk Renovate PRs + daily shell reminder
CI / flake (pull_request) Successful in 4m0s
Details
783754bda2 
Extend the daily Renovate review so it triages instead of only advising,
and surface results in the interactive shell.

- Auto-approve: PRs graded low risk (patch/minor bumps to tooling, infra,
  test or framework libs; symmetric diff; CI passing; no app logic) that
  are not already approved get an APPROVE review via
  pull_request_review_write. These repos automerge on approval, so this
  merges them with no human in the loop -- intentional. Medium/high risk,
  failing/pending CI, stale branches and anything needing judgement are
  left untouched for Emma. No merge tool is granted.
- State + reminder: each run records ~/.local/state/renovate-review/
  {last-run,needs-review.txt}. A once-a-day interactive zsh reminder
  (programs.zsh.initContent) warns if the timer hasn't run, lists the PRs
  needing review, or confirms an all-clear.

Verified: nix build (eval + shellcheck) green; triage parsing and the
reminder's run/stale/all-clear/throttle branches exercised against
synthetic state. The first live auto-approval is left for a supervised
scheduled/manual run.
lyrathorpe scheduled this pull request to auto merge when all checks succeed 2026-06-16 10:37:50 +01:00
lyrathorpe merged commit 6730efa3ce into main 2026-06-16 10:40:50 +01:00
lyrathorpe deleted branch feat/edaas-renovate-review-timer 2026-06-16 10:40:51 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
renovate-bot lyrathorpe
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: lyrathorpe/nixfiles#28
Delete Branch "feat/edaas-renovate-review-timer"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?